<?php
    $DEBUG = true;
    include_once "classes/User.php";
    session_start();
    include_once "session.php";
    if (!isLoggedIn()) {
        exit();
    }
    $DO_GET = $DEBUG;
    $IN = $DO_GET ? $_GET : $_POST;
    include_once "db/db_cse305.php";
    header ("Expires: Sat, 1 Jan 2000 01:00:00 GMT");
    header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header ("Cache-Control: no-cache, must-revalidate");
    header ("Pragma: no-cache");
    if (!isset($IN["term"])) {
        if ($DEBUG)
            echo "'term' not set.<br />";
        exit();
    }
    $q = $IN["term"];
    
    $arr = array();
    $query = sprintf(
            "SELECT StockSymbol FROM stocks WHERE StockSymbol LIKE '%%%s%%' LIMIT %d",
            mysql_real_escape_string($q), 15);
    $result = mysql_query($query) or die(mysql_error());
    while ($row = mysql_fetch_array($result)) {
        array_push($arr, $row["StockSymbol"]); 
    }
    mysql_free_result($result);
    header("Content-Type: application/json");
    echo json_encode($arr);
?>
